
I don't think the exploit in that case was re-encoding. What happened is an image with very large dimensions was uploaded. When this was decoded into a raw pixel buffer on the client it used tons of memory. It was effectively a zip bomb attack.

In fact re-encoding probably would have solved this as the server could enforce the expected dimensions and rescale or reject the image.
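The server-side dimension check the comment describes, as an added example that is not part of the original comment: it reads only the PNG IHDR chunk and rejects an upload whose declared size would decode into an oversized pixel buffer. The PNG-only scope, the limit values, and the function names are assumptions made for illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Channels per pixel for each PNG colour type (from the PNG specification).
CHANNELS = {0: 1, 2: 3, 3: 1, 4: 2, 6: 4}
MAX_WIDTH = MAX_HEIGHT = 4096          # assumed policy limits
MAX_DECODED_BYTES = 64 * 1024 * 1024   # assumed policy limit (64 MiB)


def png_decoded_size(data: bytes):
    """Return (width, height, decoded_bytes) using the IHDR chunk only."""
    if len(data) < 33 or data[:8] != PNG_SIG:
        raise ValueError("not a PNG")
    length, ctype = struct.unpack(">I4s", data[8:16])
    if ctype != b"IHDR" or length != 13:
        raise ValueError("IHDR must be the first chunk")
    body = data[16:29]
    (crc,) = struct.unpack(">I", data[29:33])
    if zlib.crc32(b"IHDR" + body) != crc:
        raise ValueError("IHDR CRC mismatch")
    width, height, depth, colour = struct.unpack(">IIBB", body[:10])
    if colour not in CHANNELS or depth not in (1, 2, 4, 8, 16) or not (width and height):
        raise ValueError("invalid IHDR fields")
    # Bytes per decoded row, rounded up for sub-byte bit depths.
    row = (width * CHANNELS[colour] * depth + 7) // 8
    return width, height, row * height


def accept_upload(data: bytes) -> bool:
    """Decide from the header alone, before any pixel data is decompressed."""
    try:
        w, h, size = png_decoded_size(data)
    except ValueError:
        return False
    return w <= MAX_WIDTH and h <= MAX_HEIGHT and size <= MAX_DECODED_BYTES


def make_header(width, height, depth=8, colour=6):
    """Constructed sample input: PNG signature plus IHDR, no pixel data."""
    body = struct.pack(">IIBBBBB", width, height, depth, colour, 0, 0, 0)
    crc = zlib.crc32(b"IHDR" + body)
    return PNG_SIG + struct.pack(">I4s", 13, b"IHDR") + body + struct.pack(">I", crc)
```

A 33-byte header claiming 50000 x 50000 RGBA pixels implies a buffer of about 10 GB, which this check refuses without allocating anything.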


